Daily cybersecurity news for practitioners. Vulnerabilities, defenses, threats, network security insight, research and more to make you sound smarter as you get to the office in the morning. New each weekday.
…
continue reading
Player FM - Internet Radio Done Right
Checked 4d ago
اضافه شده در three سال پیش
محتوای ارائه شده توسط Eric Sorensen. تمام محتوای پادکست شامل قسمتها، گرافیکها و توضیحات پادکست مستقیماً توسط Eric Sorensen یا شریک پلتفرم پادکست آنها آپلود و ارائه میشوند. اگر فکر میکنید شخصی بدون اجازه شما از اثر دارای حق نسخهبرداری شما استفاده میکند، میتوانید روندی که در اینجا شرح داده شده است را دنبال کنید.https://fa.player.fm/legal
مشابه Security Breach
Android Backstage, a podcast by and for Android developers. Hosted by developers from the Android engineering team, this show covers topics of interest to Android programmers, with in-depth discussions and interviews with engineers on the Android team at Google. Subscribe to Android Developers YouTube → https://goo.gle/AndroidDevs
…
continue reading
Risky Business is a weekly information security podcast featuring news and in-depth interviews with industry luminaries. Launched in February 2007, Risky Business is a must-listen digest for information security pros. With a running time of approximately 50-60 minutes, Risky Business is pacy; a security podcast without the waffle.
…
continue reading
A daily dose of irreverent, offbeat, and informative takes on business & tech news. Hosted by Jon Weigell, Juliet Bennett Rylah, Mark Dent, Ben Berkley, Sara Friedman, Matthew Brown, and Rob Litterst from The Hustle.
…
continue reading
The daily cybersecurity news and analysis industry leaders depend on. Published each weekday, the program also includes interviews with a wide spectrum of experts from industry, academia, and research organizations all over the world.
…
continue reading
Windows Weekly is about more than Windows. Veteran Microsoft insiders Paul Thurrott and Richard Campbell join Leo for a deep dive into the most valuable company in the world. From consumer to enterprise, AI to Xbox, Windows Weekly is the only Microsoft podcast you'll ever need. Records live every Wednesday at 2:00pm Eastern / 11:00am Pacific / 18:00 UTC.
…
continue reading
Join Larry Mantle weekdays for lively and in-depth discussions of Los Angeles and Southern California news, politics, science, entertainment, the arts and more. More AirTalk at www.kpcc.org.
…
continue reading
Tech News Briefing is your guide to what people in tech are talking about. Every weekday, we’ll bring you breaking tech news and scoops from the pros at the Wall Street Journal, insight into new innovations and policy debates, tips from our personal tech team, and exclusive interviews with movers and shakers in the industry.
…
continue reading
Technical interviews about software topics.
…
continue reading
On The Bike Shed, hosts Joël Quenneville and Stephanie Minn discuss development experiences and challenges at thoughtbot with Ruby, Rails, JavaScript, and whatever else is drawing their attention, admiration, or ire this week.
…
continue reading
Player FM - برنامه پادکست
با برنامه Player FM !
با برنامه Player FM !
))
Daily Deals
پادکست هایی که ارزش شنیدن دارند
حمایت شده
Jay is more than just the host of All About Change podcast. He is a lawyer and international activist, who has focused his life’s work on seeking social justice by advocating for the rights of people with disabilities worldwide. On the special episode of All About Change, Mijon Zulu, the managing producer of the "All About Change" podcast, is taking over hosting duties to interview Jay Ruderman about his new book, his activist journey, and why activism is even more important today. Episode Chapters (0:00) intro (02:38) How does one choose a cause to go after? (03:33) Jay’s path to activism (07:50) Practical steps a new activist can take (09:24) Confrontation vs trolling (17:36) Learning from activists operating in different sectors (19:20) Resilience in activism (22:24) Reflections on Find Your Fight and goodbye For video episodes, watch on www.youtube.com/@therudermanfamilyfoundation Stay in touch: X: @JayRuderman | @RudermanFdn LinkedIn: Jay Ruderman | Ruderman Family Foundation Instagram: All About Change Podcast | Ruderman Family Foundation To learn more about the podcast, visit https://allaboutchangepodcast.com/ Looking for more insights into the world of activism? Be sure to check out Jay’s brand new book, Find Your Fight , in which Jay teaches the next generation of activists and advocates how to step up and bring about lasting change. You can find Find Your Fight wherever you buy your books, and you can learn more about it at www.jayruderman.com .…
Legacy Mindsets Are Helping Hackers Weaponize Networks
Manage episode 445777548 series 3352216
محتوای ارائه شده توسط Eric Sorensen. تمام محتوای پادکست شامل قسمتها، گرافیکها و توضیحات پادکست مستقیماً توسط Eric Sorensen یا شریک پلتفرم پادکست آنها آپلود و ارائه میشوند. اگر فکر میکنید شخصی بدون اجازه شما از اثر دارای حق نسخهبرداری شما استفاده میکند، میتوانید روندی که در اینجا شرح داده شده است را دنبال کنید.https://fa.player.fm/legal
So, my daughters like to give me a hard time about growing old.
Said another way, I’m a legacy asset - just like most of the devices many of you observe, manage and secure every day. Your machines are still in place because they work. While the technology around these assets has evolved, their core functionality and value to the production process has remained constant.
But as sensors, network connections and access parameters have been upgraded to improve output, these highly prized pieces of equipment are showing their age from a cybersecurity perspective. The challenges they present are reinforced with findings from Fortinet’s 2024 State of Operational Technology and Cybersecurity Report.
A couple of key takeaways include findings that show nearly one-third of respondents experiencing six or more intrusions in the last year. Additionally, fewer respondents claimed 100 percent OT system visibility – with that number decreasing from 10 to five percent. On the bright side, we’re getting better in some areas, with 20 percent of organizations establishing visibility and implementing segmentation, up from only 13 percent the previous year.
Joining us to discuss these and other trends is Jon Taylor, Director and Principal of Security with Versa Networks, a leading provider of digital transformation and edge security solutions. Watch/listen as he discusses:
- Why the Purdue model might re outdated and preventing many from using new strategies like SASE.
- Why he believes visibility is security - "you have to see it do defend it," and how AI could be the solution.
- The need for OT to look at vulnerabilities from a network or architecture perspective, not by device or conn
As a go-to podcast for our listeners, we want to help you align your brand with our expertise. By sponsoring our podcast, your brand will build trust, and your message will stand out to an audience searching for tools to assist their cybersecurity efforts.
Click Here to Become a Sponsor.
Agency in Amsterdam dives into topics like Tech, AI, digital marketing, and more drama...
Listen on: Apple Podcasts Spotify Everyday AI: Your daily guide to grown with Generative AI
Can't keep up with AI? We've got you. Everyday AI helps you keep up and get ahead.
Listen on: Apple Podcasts Spotify
To catch up on past episodes, you can go to Manufacturing.net, IEN.com or MBTmag.com. You can also check Security Breach out wherever you get your podcasts, including Apple, Amazon and Overcast.
If you have a cybersecurity story or topic that you’d like to have us explore on Security Breach, you can reach me at jeff@ien.com.
To download our latest report on industrial cybersecurity, The Industrial Sector’s New Battlefield, click here.
فصل ها
1. Legacy Mindsets Are Helping Hackers Weaponize Networks (00:00:00)
2. [Ad] Promoguy Talk Pills (00:15:47)
3. (Cont.) Legacy Mindsets Are Helping Hackers Weaponize Networks (00:16:20)
4. [Ad] Everyday AI: Your daily guide to grown with Generative AI (00:25:45)
5. (Cont.) Legacy Mindsets Are Helping Hackers Weaponize Networks (00:26:33)
130 قسمت
اشتراک گذاریManage episode 445777548 series 3352216
محتوای ارائه شده توسط Eric Sorensen. تمام محتوای پادکست شامل قسمتها، گرافیکها و توضیحات پادکست مستقیماً توسط Eric Sorensen یا شریک پلتفرم پادکست آنها آپلود و ارائه میشوند. اگر فکر میکنید شخصی بدون اجازه شما از اثر دارای حق نسخهبرداری شما استفاده میکند، میتوانید روندی که در اینجا شرح داده شده است را دنبال کنید.https://fa.player.fm/legal
So, my daughters like to give me a hard time about growing old.
Said another way, I’m a legacy asset - just like most of the devices many of you observe, manage and secure every day. Your machines are still in place because they work. While the technology around these assets has evolved, their core functionality and value to the production process has remained constant.
But as sensors, network connections and access parameters have been upgraded to improve output, these highly prized pieces of equipment are showing their age from a cybersecurity perspective. The challenges they present are reinforced with findings from Fortinet’s 2024 State of Operational Technology and Cybersecurity Report.
A couple of key takeaways include findings that show nearly one-third of respondents experiencing six or more intrusions in the last year. Additionally, fewer respondents claimed 100 percent OT system visibility – with that number decreasing from 10 to five percent. On the bright side, we’re getting better in some areas, with 20 percent of organizations establishing visibility and implementing segmentation, up from only 13 percent the previous year.
Joining us to discuss these and other trends is Jon Taylor, Director and Principal of Security with Versa Networks, a leading provider of digital transformation and edge security solutions. Watch/listen as he discusses:
- Why the Purdue model might re outdated and preventing many from using new strategies like SASE.
- Why he believes visibility is security - "you have to see it do defend it," and how AI could be the solution.
- The need for OT to look at vulnerabilities from a network or architecture perspective, not by device or conn
As a go-to podcast for our listeners, we want to help you align your brand with our expertise. By sponsoring our podcast, your brand will build trust, and your message will stand out to an audience searching for tools to assist their cybersecurity efforts.
Click Here to Become a Sponsor.
Agency in Amsterdam dives into topics like Tech, AI, digital marketing, and more drama...
Listen on: Apple Podcasts Spotify Everyday AI: Your daily guide to grown with Generative AI
Can't keep up with AI? We've got you. Everyday AI helps you keep up and get ahead.
Listen on: Apple Podcasts Spotify
To catch up on past episodes, you can go to Manufacturing.net, IEN.com or MBTmag.com. You can also check Security Breach out wherever you get your podcasts, including Apple, Amazon and Overcast.
If you have a cybersecurity story or topic that you’d like to have us explore on Security Breach, you can reach me at jeff@ien.com.
To download our latest report on industrial cybersecurity, The Industrial Sector’s New Battlefield, click here.
فصل ها
1. Legacy Mindsets Are Helping Hackers Weaponize Networks (00:00:00)
2. [Ad] Promoguy Talk Pills (00:15:47)
3. (Cont.) Legacy Mindsets Are Helping Hackers Weaponize Networks (00:16:20)
4. [Ad] Everyday AI: Your daily guide to grown with Generative AI (00:25:45)
5. (Cont.) Legacy Mindsets Are Helping Hackers Weaponize Networks (00:26:33)
130 قسمت
همه قسمت ها
×
We talk a lot about the growing complexity of hacking groups and how their tools and tactics continue to evolve. One such evolution is the ongoing specialization that runs rampant throughout the black hat community – especially when it comes to ransomware. The rise of initial access brokers, affiliate programs, spoofing domain creators, dark web communities, and more are fueling ransomware-as-a-service groups and posing new cybersecurity challenges. And while numerous reports detail the rise in ransomware attacks and the escalating amounts being paid in seeking a reprieve from denial of service, data extortion, and supply chain hacks, one recent finding really stood out. In their annual State of Ransomware Report , Blackfog stated that manufacturing had the highest number of undisclosed ransomware attacks, when compared to all other industries. So, as tough as we know the ransomware challenge is – it’s actually a bit worse than we acknowledge because of the growing number of attacks that go unreported. Fortunately, we have an army of highly skilled individuals working to combat these threats. And that includes our guest for today’s episode - Fortra's senior manager of domain and dark web monitoring solutions, Nick Oram. Watch/listen as we discuss: The surge of new ransomware tactics and groups, like RansomHub. The origins and continued growth of Initial Access Brokers (IABs) within the ransomware community. How affiliate programs are helping both RaaS and IAB groups increase their rate of successful attacks. Why dark web monitoring might be more important than ever for manufacturers. The ongoing "we adapt", "they adapt" dynamic. How to better educate the workforce and shift from a " As a go-to podcast for our listeners, we want to help you align your brand with our expertise. By sponsoring our podcast, your brand will build trust, and your message will stand out to an audience searching for tools to assist their cybersecurity efforts. Click Here to Become a Sponsor. Promoguy Talk Pills Agency in Amsterdam dives into topics like Tech, AI, digital marketing, and more drama... Listen on: Apple Podcasts Spotify Everyday AI: Your daily guide to grown with Generative AI Can't keep up with AI? We've got you. Everyday AI helps you keep up and get ahead. Listen on: Apple Podcasts Spotify To catch up on past episodes, you can go to Manufacturing.net , IEN.com or MBTmag.com . You can also check Security Breach out wherever you get your podcasts, including Apple, Amazon and Overcast. If you have a cybersecurity story or topic that you’d like to have us explore on Security Breach , you can reach me at jeff@ien.com . To download our latest report on industrial cybersecurity, The Industrial Sector’s New Battlefield, click here.…
Breaking down silos while securing the cloud and leveraging secure-by-design advancements. The challenges facing the industrial OT landscape that emanate from external sources are … varied, complex and constantly evolving. Smarter hacking groups, AI-driven phishing schemes and deceptive malware viruses head the list of concerns. And while these factors show no signs of fading, the reality is that there are just as many challenges facing industrial cybersecurity that are embedded within the very foundation of our operations. These legacy dynamics have created internal battles that absorb valuable resources, waste precious talent and help the bad guys stay a step ahead. With this in mind, we’re going to tap into two key industry leaders to get their take on pressing, internal liabilities that are ensuring key production assets remain exposed. We'll hear from Silverfort’s Rob Larsen, as he discusses the ongoing struggles created by IT/OT silos, as well secure-by-design initiatives. Mandiant’s Paul Shaver will also offer his take on these silos, and how decisions related to cloud networking are impacting the security stature of key data, assets and network connections. As a go-to podcast for our listeners, we want to help you align your brand with our expertise. By sponsoring our podcast, your brand will build trust, and your message will stand out to an audience searching for tools to assist their cybersecurity efforts. Click Here to Become a Sponsor. Promoguy Talk Pills Agency in Amsterdam dives into topics like Tech, AI, digital marketing, and more drama... Listen on: Apple Podcasts Spotify To catch up on past episodes, you can go to Manufacturing.net , IEN.com or MBTmag.com . You can also check Security Breach out wherever you get your podcasts, including Apple, Amazon and Overcast. If you have a cybersecurity story or topic that you’d like to have us explore on Security Breach , you can reach me at jeff@ien.com . To download our latest report on industrial cybersecurity, The Industrial Sector’s New Battlefield, click here.…
One of the goals of the show is to help you better understand all the threats facing your OT assets, your data and your people. In order to do that, we work to identify those individuals with a feel and in-depth understanding of these threats and the evolving network of threat actors. And I can’t think of anyone better to break down the hacker landscape than an individual whose research has led to being followed by well-known data breachers on social media and considered persona-non-grata in countries housing many of the most notorious state-sponsored hacking groups in the world. It’s my pleasure to welcome Jeremiah Fowler back to Security Breach . You might remember that we originally spoke to him regarding a huge ERP data vulnerability last summer. As a go-to podcast for our listeners, we want to help you align your brand with our expertise. By sponsoring our podcast, your brand will build trust, and your message will stand out to an audience searching for tools to assist their cybersecurity efforts. Click Here to Become a Sponsor. Promoguy Talk Pills Agency in Amsterdam dives into topics like Tech, AI, digital marketing, and more drama... Listen on: Apple Podcasts Spotify To catch up on past episodes, you can go to Manufacturing.net , IEN.com or MBTmag.com . You can also check Security Breach out wherever you get your podcasts, including Apple, Amazon and Overcast. If you have a cybersecurity story or topic that you’d like to have us explore on Security Breach , you can reach me at jeff@ien.com . To download our latest report on industrial cybersecurity, The Industrial Sector’s New Battlefield, click here.…
When we talk about the threat landscape for the industrial sector, the eye-catching, headline-grabbing hacking groups with nefarious names typically lead the list of concerns. And while understanding their well-publicized exploits are important, what is often overlooked are all the little things these groups were able to do before dropping malware, shutting down networks, extorting ransoms, and stealing data. This is where taking the time to address those insecure connection points, update login credentials or patch zero and one-day vulnerabilities continue to be essential in the fight to safeguard operational technology and the industrial control system. But, the reasons these problems remain is that the solution is never as simple as it sounds. So, hopefully our collection of experts for this episode can help show you the way. As a go-to podcast for our listeners, we want to help you align your brand with our expertise. By sponsoring our podcast, your brand will build trust, and your message will stand out to an audience searching for tools to assist their cybersecurity efforts. Click Here to Become a Sponsor. Promoguy Talk Pills Agency in Amsterdam dives into topics like Tech, AI, digital marketing, and more drama... Listen on: Apple Podcasts Spotify To catch up on past episodes, you can go to Manufacturing.net , IEN.com or MBTmag.com . You can also check Security Breach out wherever you get your podcasts, including Apple, Amazon and Overcast. If you have a cybersecurity story or topic that you’d like to have us explore on Security Breach , you can reach me at jeff@ien.com . To download our latest report on industrial cybersecurity, The Industrial Sector’s New Battlefield, click here.…
While we’re still in the infancy of 2025, the New Year has proven to have no issues in welcoming in a number of pre-existing challenges – whether we’re talking about cybersecurity or … other social topics. So, in continuing this trend, we tapped into a unique collection of voices to discuss a topic that has, and will continue to be, vital to industrial cybersecurity efforts – Artificial Intelligence. First, we’ll hear from Mandiant’s Paul Shaver as he discusses the legacy dynamics of industrial cybersecurity, including ongoing obstacles associated with inventory, visibility and segmentation strategies – and the impact AI could have on all of them. Then we’ll transition to HackerOne’s Will Kapcio for his take on AI and the ongoing evolution of cybersecurity tools. We’ll wrap up with instructor and the author of the Hack is Back as he discusses what drove his desire to write the book, the impact AI is having on the next generation of cybersecurity specialists, and the evolving vulnerabilities they can expect to face. As a go-to podcast for our listeners, we want to help you align your brand with our expertise. By sponsoring our podcast, your brand will build trust, and your message will stand out to an audience searching for tools to assist their cybersecurity efforts. Click Here to Become a Sponsor. Promoguy Talk Pills Agency in Amsterdam dives into topics like Tech, AI, digital marketing, and more drama... Listen on: Apple Podcasts Spotify To catch up on past episodes, you can go to Manufacturing.net , IEN.com or MBTmag.com . You can also check Security Breach out wherever you get your podcasts, including Apple, Amazon and Overcast. If you have a cybersecurity story or topic that you’d like to have us explore on Security Breach , you can reach me at jeff@ien.com . To download our latest report on industrial cybersecurity, The Industrial Sector’s New Battlefield, click here.…
The continued evolution of the CyberAv3ngers hacking group and its IIoT-focused malware. We talk a lot about change on Security Breach. Some of it’s good and obviously some of it makes us want to tear our hair out. Well, this episode, surprisingly, should go easy on the scalp, even though it will focus on the IOCONTROL malware strand recently detected by Noam Moshe and Claroty’s Team82. The malware is described as a custom-built IoT/OT strand created by the Iran-based hacktivist group, the CyberAv3ngers. The malware targeted OT/IoT devices in Israel and the U.S. Moshe’s team detected the malware being used to attack IoT and SCADA/OT devices of various types including IP cameras, routers, PLCs, HMIs and firewalls. Typically, this is the part of the story that takes us down a dark and frustrating road, but as you’ll hear, that’s not necessarily the case this time. For more information on Team82’s findings on IOCONTROL, click here. Also, just a bit of housekeeping – we’re switching the frequency of Security Breach from weekly to bi-weekly. This change will allow me to spend more time on each episode, which will translate to greater depth and expanded coverage on all the pressing topics of industrial cybersecurity. And remember, this is your podcast – let me know your thoughts and feelings on the change and anything else you’d like to see on the show. As a go-to podcast for our listeners, we want to help you align your brand with our expertise. By sponsoring our podcast, your brand will build trust, and your message will stand out to an audience searching for tools to assist their cybersecurity efforts. Click Here to Become a Sponsor. Promoguy Talk Pills Agency in Amsterdam dives into topics like Tech, AI, digital marketing, and more drama... Listen on: Apple Podcasts Spotify To catch up on past episodes, you can go to Manufacturing.net , IEN.com or MBTmag.com . You can also check Security Breach out wherever you get your podcasts, including Apple, Amazon and Overcast. If you have a cybersecurity story or topic that you’d like to have us explore on Security Breach , you can reach me at jeff@ien.com . To download our latest report on industrial cybersecurity, The Industrial Sector’s New Battlefield, click here.…
S
Security Breach
Winston Churchill famously stated that, “Those who fail to learn from history are doomed to repeat it.” His concerns about applying lessons learned to post WWII foreign policy initiatives rings just as true in the current cybersecurity climate. So, in an effort to ensure we repeat as few of 2024’s mistakes in 2025, we’re going to take a look at some of the industrial sector’s biggest exploits, and offer solutions and strategies in our ever-raging combat with the Black Hats. Watch/listen as we cover: A unique supply chain hack that came up during our conversation with Theo Zafirakos , a Cyber Risk and Information Security Expert at Fortra . The fall of 2024 brought security compromises to the front door of a number of prominent industrial enterprises, including Halliburton . In early August millions were impacted when National Public Data, a major data broker that performs background checks, reported that 2.9 billion personal records from over a million individuals in the U.S., the U.K. and Canada were accessed. Ford Motor Company was also a target, with a data breach that saw hacking groups steal 44,000 records containing personal and product information. Anna Wells, executive editor of Manufacturing.net and Manufacturing Business Technology, brought u As a go-to podcast for our listeners, we want to help you align your brand with our expertise. By sponsoring our podcast, your brand will build trust, and your message will stand out to an audience searching for tools to assist their cybersecurity efforts. Click Here to Become a Sponsor. Promoguy Talk Pills Agency in Amsterdam dives into topics like Tech, AI, digital marketing, and more drama... Listen on: Apple Podcasts Spotify Everyday AI: Your daily guide to grown with Generative AI Can't keep up with AI? We've got you. Everyday AI helps you keep up and get ahead. Listen on: Apple Podcasts Spotify To catch up on past episodes, you can go to Manufacturing.net , IEN.com or MBTmag.com . You can also check Security Breach out wherever you get your podcasts, including Apple, Amazon and Overcast. If you have a cybersecurity story or topic that you’d like to have us explore on Security Breach , you can reach me at jeff@ien.com . To download our latest report on industrial cybersecurity, The Industrial Sector’s New Battlefield, click here.…
As we begin to close out 2024 and look ahead to 2025, I couldn’t resist the urge to revisit some of my favorite guests from the last couple of months. While I’m grateful for everyone we’ve had on the show, and all the support we continue to receive from the industrial cybersecurity community, I felt these comments were worth another listen, with special focus being given to a handful of the most critical issues confronting our OT environments. First, we hear from Jon Taylor (1:16) at Versa , as he discusses a unique approach to patching and secure-by-design strategies that involve the development embedded micro-segmentation approaches. Next, we’ll hear from Cloud Range’s Tom Marsland (11:18) as he discusses the continued challenges presented by data silos, and innovative ways to address the shortage of cybersecurity specialists. Then we’ll turn to Baker Tilly’s Jeff Krull (19:42) as he reports on ransomware gangs and their combination of new and old tactics. And we’ll finish up with cybersecurity researcher Jeremiah Fowler (29:40) as he discusses some of the ongoing challenges about addressing persistent vulnerabilities. As a go-to podcast for our listeners, we want to help you align your brand with our expertise. By sponsoring our podcast, your brand will build trust, and your message will stand out to an audience searching for tools to assist their cybersecurity efforts. Click Here to Become a Sponsor. Promoguy Talk Pills Agency in Amsterdam dives into topics like Tech, AI, digital marketing, and more drama... Listen on: Apple Podcasts Spotify Everyday AI: Your daily guide to grown with Generative AI Can't keep up with AI? We've got you. Everyday AI helps you keep up and get ahead. Listen on: Apple Podcasts Spotify To catch up on past episodes, you can go to Manufacturing.net , IEN.com or MBTmag.com . You can also check Security Breach out wherever you get your podcasts, including Apple, Amazon and Overcast. If you have a cybersecurity story or topic that you’d like to have us explore on Security Breach , you can reach me at jeff@ien.com . To download our latest report on industrial cybersecurity, The Industrial Sector’s New Battlefield, click here.…
According to Fortinet’s 2024 State of Operational Technology and Cybersecurity Report, 43 percent of those surveyed reported a loss of business critical data or intellectual property so far in 2024– a number this is up nearly 10 percent from last year. And we all know what happens with this hijacked data. Per the World Economic Forum’s May 2024 white paper, the number of ransomware attacks on industrial infrastructure doubled in 2023, boosting ransomware to the leading concern for manufacturers, with 40 percent citing it as their top issue. While that may not surprise you, this might - due to the many challenges we’ve discussed here on Security Breach , the industrial sector now accounts for 71 percent of all ransomware attacks. Our data is valuable and the hackers know it. To offer some perspective on protecting this data, we sat down with Karthik Krishnan, CEO of Concentric.ai – a leading provider of data security posture management solutions. Watch/listen as he provides insight on: Prioritizing and limiting data access to lessen the blast radius. How data, especially customer data, is essentially the "new oil." Reversing your mindset to think about "data out" instead of "user in". The generative AI advancements that continue to be made, and how they're producing more complex phishing and ransomware attacks. Why it has become easier for hackers to get a foothold on your network. The best ways to shore up your weakest security link - employees. How it all starts with data discovery and visualization, then prioritization. A look at the money involved with remediation and response costs versus proper planning and defense prep. As a go-to podcast for our listeners, we want to help you align your brand with our expertise. By sponsoring our podcast, your brand will build trust, and your message will stand out to an audience searching for tools to assist their cybersecurity efforts. Click Here to Become a Sponsor. Promoguy Talk Pills Agency in Amsterdam dives into topics like Tech, AI, digital marketing, and more drama... Listen on: Apple Podcasts Spotify To catch up on past episodes, you can go to Manufacturing.net , IEN.com or MBTmag.com . You can also check Security Breach out wherever you get your podcasts, including Apple, Amazon and Overcast. If you have a cybersecurity story or topic that you’d like to have us explore on Security Breach , you can reach me at jeff@ien.com . To download our latest report on industrial cybersecurity, The Industrial Sector’s New Battlefield, click here.…
Next to artificial intelligence, one of the biggest buzz terms in industrial cybersecurity right now might be SBOM, or software bill of materials. The term generates equal parts concern and eye roll as those entrusted with enterprise defense look to ensure that there are no embedded vulnerabilities amongst the data platforms they are both sourcing and utilizing within their offerings. Perhaps most frustrating is having to essentially reverse engineer a number of established products in order to quell security concerns. However, as frustrating as these efforts might be, the growing number of zero day hacks emanating from embedded security vulnerabilities will only continue to grow as we look to embed greater levels of sensor, software and AI-driven functionality. In this episode we hear from Marcellus Buchheit, President and CEO of Wibu-Systems USA, a leading provider of security solutions for embedded data and intellectual property. Watch/listen as we discuss: How vulnerabilities and risks need to be assessed beyond their expense to focus on updates, reconfigurations and the growing number of OT connection points. The need for SOPs that make it easier to assimilate cybersecurity into OT processes. Ways to more safely update the growing number of devices on the plant floor. Protecting IP and, more specifically, the software coding associated with it. The impact AI continues to have on increasing the sophistication of hacking attempts. Why all hacks are "highly preventable." The role of quantum computing and the steps to take in preparing for "Q Day". As a go-to podcast for our listeners, we want to help you align your brand with our expertise. By sponsoring our podcast, your brand will build trust, and your message will stand out to an audience searching for tools to assist their cybersecurity efforts. Click Here to Become a Sponsor. Promoguy Talk Pills Agency in Amsterdam dives into topics like Tech, AI, digital marketing, and more drama... Listen on: Apple Podcasts Spotify Everyday AI: Your daily guide to grown with Generative AI Can't keep up with AI? We've got you. Everyday AI helps you keep up and get ahead. Listen on: Apple Podcasts Spotify To catch up on past episodes, you can go to Manufacturing.net , IEN.com or MBTmag.com . You can also check Security Breach out wherever you get your podcasts, including Apple, Amazon and Overcast. If you have a cybersecurity story or topic that you’d like to have us explore on Security Breach , you can reach me at jeff@ien.com . To download our latest report on industrial cybersecurity, The Industrial Sector’s New Battlefield, click here.…
We assembled some "nerds from the basement" to cover a key strategy in combatting evolving threats. Today’s episode is going to take on a little different flavor, as we’re going to show you one particular tool that can impact a number of your security planning, training and discovery strategies. While table top exercises are nothing new, we’re going to demonstrate how they’re evolving and can be customized according to your needs. We’re going to tackle the human element of cybersecurity by discussing communications strategies, and we’ll offer some insight on getting greater buy-in from throughout the organization, including the C-suite and those controlling the purse strings. Joining me to discuss these topics and run through a mock exercise will be: Navroop Mitter, the CEO and founder of ArmorText. His firm is a leader in secure out-of-band communications. Matthew Welling, a partner at Crowell & Moring's Washington, D.C. office, where he works in the firm's Privacy & Cybersecurity Group. Timothy Chase, the director of the Manufacturing ISAC, a non-profit organization and leading provider of threat intelligence sharing solutions. In addition to the table top exercise, we'll discuss: Communication challenges before, during and after an attack. Response strategies and the evolving dynamic of out-of-band communications. The ongoing challenges of addressing the Human Element of cybersecurity. The impact of regulatory efforts and how they're playing a bigger role in attack response plans. The types of tools or solutions that can play the biggest role in helping organizations respond to attacks more effectively. How to control the emotional responses that will undoubtedly emanate from an attack. As a go-to podcast for our listeners, we want to help you align your brand with our expertise. By sponsoring our podcast, your brand will build trust, and your message will stand out to an audience searching for tools to assist their cybersecurity efforts. Click Here to Become a Sponsor. Promoguy Talk Pills Agency in Amsterdam dives into topics like Tech, AI, digital marketing, and more drama... Listen on: Apple Podcasts Spotify Everyday AI: Your daily guide to grown with Generative AI Can't keep up with AI? We've got you. Everyday AI helps you keep up and get ahead. Listen on: Apple Podcasts Spotify To catch up on past episodes, you can go to Manufacturing.net , IEN.com or MBTmag.com . You can also check Security Breach out wherever you get your podcasts, including Apple, Amazon and Overcast. If you have a cybersecurity story or topic that you’d like to have us explore on Security Breach , you can reach me at jeff@ien.com . To download our latest report on industrial cybersecurity, The Industrial Sector’s New Battlefield, click here.…
S
Security Breach
For this episode, instead of tapping into one source for feedback and updates on industrial cybersecurity, we’re going to look at some of the key insights previous guests have offered on the evolving threat landscape – from increased risks emanating from technological integrations and an uptick in automation, to the more traditional adversaries responsible for next-generation malware, ransomware and phishing schemes. To kick things off, we'll hear from: Tom Marsland, VP of Technology for Cloud Range as he discusses threats to our infrastructure and state-sponsored groups from China. (3:31) He’ll be followed by Cyberhoot’s Craig Taylor as he updates us on phishing schemes. (5:45) And then we’ll hear from Jon Taylor at Versa Networks as he talks about strategies bad actors are taking in targeting legacy industrial control systems. While many of those topics are already at the top of our list of concerns, there are also a number of evolving threats that warrant an uptick in resources – from both a financial and skillset development perspective. We'll dive into comments from: (9:26) Corsha’s Anusha Iyer as she discusses supply chain and dwelling attacks. (15:33) Venafi’s Kevin Bocek and his take on embedded sof As a go-to podcast for our listeners, we want to help you align your brand with our expertise. By sponsoring our podcast, your brand will build trust, and your message will stand out to an audience searching for tools to assist their cybersecurity efforts. Click Here to Become a Sponsor. Promoguy Talk Pills Agency in Amsterdam dives into topics like Tech, AI, digital marketing, and more drama... Listen on: Apple Podcasts Spotify Everyday AI: Your daily guide to grown with Generative AI Can't keep up with AI? We've got you. Everyday AI helps you keep up and get ahead. Listen on: Apple Podcasts Spotify To catch up on past episodes, you can go to Manufacturing.net , IEN.com or MBTmag.com . You can also check Security Breach out wherever you get your podcasts, including Apple, Amazon and Overcast. If you have a cybersecurity story or topic that you’d like to have us explore on Security Breach , you can reach me at jeff@ien.com . To download our latest report on industrial cybersecurity, The Industrial Sector’s New Battlefield, click here.…
While there are plenty of unknowns when it comes to protecting the OT attack surface, there are some things that are undeniably true. We know that the frequency of attacks will continue to increase. We know that it’s not if your ICS will be probed, but when. And we also know that asset and connection visibility is an ongoing challenge due to the implementation of more automated technology. Finally, we also know that one of the most important aspects of any cybersecurity plan is the portion that lays out the response. One of the most effective ways to address these concerns can be the use of attack simulations. In this episode we tap in to the expertise of Tom Marsland, VP of Technology for Cloud Range, a leading provider of live-fire cybersecurity exercises and training. Watch/listen as we discuss: All the little things that are continuing to pose challenges to industrial cybersecurity. Why state-sponsored hacker groups in China are getting more of his attention lately. Why successful incident response is about the people, not the tools. The importance of "training like you fight." His role with VetSec , and the role it can play in filling cybersecurity talent gaps. How to bring IT and OT together and why the onus on strengthening these bonds might fall more on IT. Why the culture of security needs to permeate throughout the entire organization. How AI can help make the most of your people. As a go-to podcast for our listeners, we want to help you align your brand with our expertise. By sponsoring our podcast, your brand will build trust, and your message will stand out to an audience searching for tools to assist their cybersecurity efforts. Click Here to Become a Sponsor. Promoguy Talk Pills Agency in Amsterdam dives into topics like Tech, AI, digital marketing, and more drama... Listen on: Apple Podcasts Spotify Everyday AI: Your daily guide to grown with Generative AI Can't keep up with AI? We've got you. Everyday AI helps you keep up and get ahead. Listen on: Apple Podcasts Spotify To catch up on past episodes, you can go to Manufacturing.net , IEN.com or MBTmag.com . You can also check Security Breach out wherever you get your podcasts, including Apple, Amazon and Overcast. If you have a cybersecurity story or topic that you’d like to have us explore on Security Breach , you can reach me at jeff@ien.com . To download our latest report on industrial cybersecurity, The Industrial Sector’s New Battlefield, click here.…
Maybe you’re sick of hearing about phishing schemes and the way hackers are using this strategy to infiltrate your networks, access intellectual data, shut down production, or hold your assets for ransom. If that’s the case, then you’ve made a lot of hackers very happy. And based on Proofpoint’s 2024 State of Phish report, protecting against phishing schemes is simply not being reinforced or given the proper priority. For example, 71% of surveyed users admitted to taking a risky action, and 96% knew they were doing something risky when interacting with email or text messages. 85% of security professionals said that most employees know they are responsible for security, but 59% of employees weren’t sure or claimed that they’re not responsible. Furthermore, 24% admitted to responding to emails or text messages from someone they don’t know, and 19% clicked on links in emails from people they don’t know. Finally, 73% of surveyed companies reported a business email compromise, but only 29% are actively teaching users about BEC attacks. To address these and other phishing attack dynamics, I sat down with Craig Taylor, co-founder of Cyberhoot, a leading provider of phishing prevention solutions. Watch/listen as we discuss: How hackers are going after session tokens to steal valuable credential data. Why phishing prevention training spends too much time on avoiding the click instead of positive reinforcement of proper actions. The need for worker training to go beyond any impact to the company, to the individual cyber risks as well. How adding "friction" to email could be a solution. The bad password advice that many high-level organizations continue to distribute. As a go-to podcast for our listeners, we want to help you align your brand with our expertise. By sponsoring our podcast, your brand will build trust, and your message will stand out to an audience searching for tools to assist their cybersecurity efforts. Click Here to Become a Sponsor. To catch up on past episodes, you can go to Manufacturing.net , IEN.com or MBTmag.com . You can also check Security Breach out wherever you get your podcasts, including Apple, Amazon and Overcast. If you have a cybersecurity story or topic that you’d like to have us explore on Security Breach , you can reach me at jeff@ien.com . To download our latest report on industrial cybersecurity, The Industrial Sector’s New Battlefield, click here.…
So, my daughters like to give me a hard time about growing old. Said another way, I’m a legacy asset - just like most of the devices many of you observe, manage and secure every day. Your machines are still in place because they work. While the technology around these assets has evolved, their core functionality and value to the production process has remained constant. But as sensors, network connections and access parameters have been upgraded to improve output, these highly prized pieces of equipment are showing their age from a cybersecurity perspective. The challenges they present are reinforced with findings from Fortinet’s 2024 State of Operational Technology and Cybersecurity Report. A couple of key takeaways include findings that show nearly one-third of respondents experiencing six or more intrusions in the last year. Additionally, fewer respondents claimed 100 percent OT system visibility – with that number decreasing from 10 to five percent. On the bright side, we’re getting better in some areas, with 20 percent of organizations establishing visibility and implementing segmentation, up from only 13 percent the previous year. Joining us to discuss these and other trends is Jon Taylor, Director and Principal of Security with Versa Networks , a leading provider of digital transformation and edge security solutions. Watch/listen as he discusses: Why the Purdue model might re outdated and preventing many from using new strategies like SASE. Why he believes visibility is security - "you have to see it do defend it," and how AI could be the solution. The need for OT to look at vulnerabilities from a network or architecture perspective, not by device or conn As a go-to podcast for our listeners, we want to help you align your brand with our expertise. By sponsoring our podcast, your brand will build trust, and your message will stand out to an audience searching for tools to assist their cybersecurity efforts. Click Here to Become a Sponsor. Promoguy Talk Pills Agency in Amsterdam dives into topics like Tech, AI, digital marketing, and more drama... Listen on: Apple Podcasts Spotify Everyday AI: Your daily guide to grown with Generative AI Can't keep up with AI? We've got you. Everyday AI helps you keep up and get ahead. Listen on: Apple Podcasts Spotify To catch up on past episodes, you can go to Manufacturing.net , IEN.com or MBTmag.com . You can also check Security Breach out wherever you get your podcasts, including Apple, Amazon and Overcast. If you have a cybersecurity story or topic that you’d like to have us explore on Security Breach , you can reach me at jeff@ien.com . To download our latest report on industrial cybersecurity, The Industrial Sector’s New Battlefield, click here.…
به Player FM خوش آمدید!
Player FM در سراسر وب را برای یافتن پادکست های با کیفیت اسکن می کند تا همین الان لذت ببرید. این بهترین برنامه ی پادکست است که در اندروید، آیفون و وب کار می کند. ثبت نام کنید تا اشتراک های شما در بین دستگاه های مختلف همگام سازی شود.
Daily Deals
Daily Deals
مشابه Security Breach
Daily cybersecurity news for practitioners. Vulnerabilities, defenses, threats, network security insight, research and more to make you sound smarter as you get to the office in the morning. New each weekday.
…
continue reading
Android Backstage, a podcast by and for Android developers. Hosted by developers from the Android engineering team, this show covers topics of interest to Android programmers, with in-depth discussions and interviews with engineers on the Android team at Google. Subscribe to Android Developers YouTube → https://goo.gle/AndroidDevs
…
continue reading
Risky Business is a weekly information security podcast featuring news and in-depth interviews with industry luminaries. Launched in February 2007, Risky Business is a must-listen digest for information security pros. With a running time of approximately 50-60 minutes, Risky Business is pacy; a security podcast without the waffle.
…
continue reading
A daily dose of irreverent, offbeat, and informative takes on business & tech news. Hosted by Jon Weigell, Juliet Bennett Rylah, Mark Dent, Ben Berkley, Sara Friedman, Matthew Brown, and Rob Litterst from The Hustle.
…
continue reading
The daily cybersecurity news and analysis industry leaders depend on. Published each weekday, the program also includes interviews with a wide spectrum of experts from industry, academia, and research organizations all over the world.
…
continue reading
Windows Weekly is about more than Windows. Veteran Microsoft insiders Paul Thurrott and Richard Campbell join Leo for a deep dive into the most valuable company in the world. From consumer to enterprise, AI to Xbox, Windows Weekly is the only Microsoft podcast you'll ever need. Records live every Wednesday at 2:00pm Eastern / 11:00am Pacific / 18:00 UTC.
…
continue reading
Join Larry Mantle weekdays for lively and in-depth discussions of Los Angeles and Southern California news, politics, science, entertainment, the arts and more. More AirTalk at www.kpcc.org.
…
continue reading
Tech News Briefing is your guide to what people in tech are talking about. Every weekday, we’ll bring you breaking tech news and scoops from the pros at the Wall Street Journal, insight into new innovations and policy debates, tips from our personal tech team, and exclusive interviews with movers and shakers in the industry.
…
continue reading
Technical interviews about software topics.
…
continue reading
On The Bike Shed, hosts Joël Quenneville and Stephanie Minn discuss development experiences and challenges at thoughtbot with Ruby, Rails, JavaScript, and whatever else is drawing their attention, admiration, or ire this week.
…
continue reading
Player FM - برنامه پادکست
با برنامه Player FM !
با برنامه Player FM !
))
